Yes, JSF uses HttpSession, but doesn't give you transparent access to it. Everything in JSF is handled via the managed-beans. So if you want something stored in the session give the managed-bean session scope.

IF you just can't live without manipulating the HttpSession directly you can do: